Converting Binary Logs in Flasher Research

I was running into an issue though when I used the port monitor to sniff the traffic from an Octopus box – the monitor kept crashing when I tried to view the data that was transfered. I knew I used the method outlined by Bram correctly since the output of the port monitor was several megabytes larger than the output of the box, however I couldnt get to the hex dump since the program crashed.

The solution lay in converting the binary log file created by the monitor into a text file with just the transferred hex. This is accomplished by selecting “Tools -> Convert binary log file” from the upper menu. A dialog box will then appear.

Binary Log Conversion

Select the log you want to convert and the output directory. Now select “unlimited” in Bytes per dump, “if transfered data exists” under Process Data, and Output Hex data, Output ASCII data, Align and Transferred data only. The resulting output should look something similar to the below.

Binary Conversion Output

Adjust the output settings as you need. I hope this helps you in your forensic endeavors.